Filtered by vendor Microsoft
Subscriptions
Total
20261 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20698 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2024-10-08 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-20694 | 1 Microsoft | 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more | 2024-10-08 | 5.5 Medium |
| Windows CoreMessaging Information Disclosure Vulnerability | ||||
| CVE-2024-20691 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2024-10-08 | 4.7 Medium |
| Windows Themes Information Disclosure Vulnerability | ||||
| CVE-2024-20690 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2024-10-08 | 6.5 Medium |
| Windows Nearby Sharing Spoofing Vulnerability | ||||
| CVE-2024-20683 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-08 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-20682 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-10-08 | 7.8 High |
| Windows Cryptographic Services Remote Code Execution Vulnerability | ||||
| CVE-2024-20680 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-08 | 6.5 Medium |
| Windows Message Queuing Client (MSMQC) Information Disclosure | ||||
| CVE-2024-20658 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-10-08 | 7.8 High |
| Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | ||||
| CVE-2024-20657 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-08 | 7 High |
| Windows Group Policy Elevation of Privilege Vulnerability | ||||
| CVE-2024-20654 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-08 | 8 High |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-20674 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-08 | 8.8 High |
| Windows Kerberos Security Feature Bypass Vulnerability | ||||
| CVE-2024-21337 | 1 Microsoft | 1 Edge Chromium | 2024-10-08 | 5.2 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2024-20676 | 1 Microsoft | 1 Azure Storage Mover | 2024-10-08 | 8 High |
| Azure Storage Mover Remote Code Execution Vulnerability | ||||
| CVE-2023-6702 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Edge Chromium | 2024-10-08 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-6753 | 2 Lfprojects, Microsoft | 2 Mlflow, Windows | 2024-10-08 | 8.8 High |
| Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. | ||||
| CVE-2023-2110 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-10-07 | 8.2 High |
| Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and paste it into Obsidian. | ||||
| CVE-2023-2316 | 3 Linux, Microsoft, Typora | 3 Linux Kernel, Windows, Typora | 2024-10-07 | 7.4 High |
| Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. | ||||
| CVE-2023-2317 | 3 Linux, Microsoft, Typora | 3 Linux Kernel, Windows, Typora | 2024-10-07 | 8.6 High |
| DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in <embed> tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. | ||||
| CVE-2023-2318 | 4 Apple, Linux, Marktext and 1 more | 4 Macos, Linux Kernel, Marktext and 1 more | 2024-10-07 | 8.6 High |
| DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into MarkText. | ||||
| CVE-2023-2971 | 3 Linux, Microsoft, Typora | 3 Linux Kernel, Windows, Typora | 2024-10-07 | 6.3 Medium |
| Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. | ||||